Part 1: Analyzing Real-Life Cases; Assessing Risk and Raising Awareness Mitigating Insider Threat: New and Improved Practices Transcript

Abstract

Our definition of a malicious insider is a current, or former, employee, contractor or business partner. We've recently added the business partner aspect of that to the definition because of recent trends that we're seeing. So it's current or former employee, contractor, or business partner who has, or had, authorized access to your network, your systems, your data, and intentionally misused that access. So this is not looking at accidental data leakage. Although we would like to, we have not looked at that yet. So this is intentional misuse of your systems, data or network, and then what the negative consequences to the confidentiality, integrity, or availability of your information or your systems.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2009
Accession Number
AD1146097

Entities

People

  • Dawn Cappelli

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes
  • Weapons Technologies

DTIC Thesaurus Topics

  • Best Practices
  • Commerce
  • Computer Programs
  • Contractors
  • Employment
  • Human Resources
  • Information Security
  • Information Systems
  • Insider Threats
  • Intellectual Property
  • Law
  • Law Enforcement
  • National Security
  • Personnel Management
  • Risk
  • Risk Analysis
  • Sabotage
  • Security
  • Software Development
  • Training

Readers

  • Cybersecurity.
  • Government Contracting/Procurement.
  • Systems Analysis and Design